Common Information
| Type | Value |
|---|---|
| Value |
UNC2452 |
| Category | |
| Type | Mandiant Uncategorized Groups |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2022-08-17 | 18 | GitHub - mandiant/Mandiant-Azure-AD-Investigator | ||
| Details | 2022-08-02 | 98 | PowerPoint Presentation | |||
| Details | 2022-07-26 | 43 | PowerPoint Presentation | |||
| Details | Website | 2022-06-26 | 19 | Overview of Russian GRU and SVR Cyberespionage Campaigns 1H 2022 | ||
| Details | 2022-05-21 | 344 | UNKNOWN | |||
| Details | Website | 2022-05-20 | 5 | Threat Group Naming Schemes In Cyber Threat Intelligence | ||
| Details | Website | 2022-05-02 | 39 | UNC3524: Eye Spy on Your Email | Mandiant | ||
| Details | Website | 2022-05-02 | 39 | UNC3524: Eye Spy on Your Email | Mandiant | ||
| Details | Website | 2022-04-27 | 15 | Identifying UNC2452-Related Techniques for ATT&CK | ||
| Details | Website | 2022-04-27 | 57 | UNC2452 Merged into APT29 | Russia-Based Espionage Group | ||
| Details | Website | 2022-01-20 | 9 | Anticipating Cyber Threats as the Ukraine Crisis Escalates | Mandiant | ||
| Details | Website | 2021-12-15 | 54 | No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages | Mandiant | ||
| Details | Website | 2021-12-06 | 51 | Suspected Russian Activity Targeting Government and Business Entities Around the Globe | Mandiant | ||
| Details | Website | 2021-10-28 | 1 | Road to Security Predictions 2022 with Charles Carmakal, Mandiant’s SVP and CTO | Mandiant | ||
| Details | Website | 2021-08-31 | 2 | Sunburst & UNC2452 | SolarWinds Breach Resource Center | ||
| Details | Website | 2021-08-18 | 4 | How to Detect Cobalt Strike - analyze.intezer.com | ||
| Details | 2021-06-29 | 131 | 2021 Threat Detection Report | |||
| Details | Website | 2021-06-28 | 2 | SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers | ||
| Details | Website | 2021-05-14 | 5 | Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise | CISA | ||
| Details | Website | 2021-04-27 | 7 | Abusing AD FS Replication | Stealing Secrets Over the Network | ||
| Details | Website | 2021-04-15 | 10 | Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise | CISA | ||
| Details | Website | 2021-04-15 | 80 | MAR-10327841-1.v1 – SUNSHUTTLE | CISA | ||
| Details | Website | 2021-04-13 | 2 | M-Trends 2021: A View From the Front Lines | Mandiant | ||
| Details | Website | 2021-03-24 | 10 | Hunting and detecting Cobalt Strike | ||
| Details | Website | 2021-03-04 | 47 | New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452 | Mandiant |